How to use when backend only accepts rsa keys? #5429

exocode · 2022-09-26T19:37:33Z

Question 💬

Hi there,

I struggle with the implementation of next-auth with my Rails app.

My Rails app uses ruby-jwt gem which only accepts rsa keys.
I found a thread where it's described how that works, but that seems outdated:

jwt/ruby-jwt#389

It seems next-auth replaced without replacement the signingKeyoption:

https://next-auth.js.org/getting-started/upgrade-v4#jwt-configuration

How can I connect them together.

It would be awesome if someone can provide an example code

Do I have to change my Rails app to fit NextAuth or vice versa?

How to reproduce ☕️

Next-Auth needs to be signed with
jose newkey -s 256 -t oct -a HS512

{"kty":"RSA","kid":"7Q5ePK6ZPeLmrBswdzcTDUDkHH1JBzfyB6Tb_f0ujYM","e":"AQAB","n":"vWCGTrLTYPOeLnMHD8X6v7E9p9MIQRVZ77ia4TygxSrE7y_Gxpu1S44pNBLO__68YngeLX_zmmdRa4Xa06MkWMnbXNrcBKUBOEq8J1EbrDzSLdbWo5rtT_cq7aYf3LbYoL3lWpk6gpmHaC310GgIihDJW1dboCyq1aNnuSSebUeJkJqzh364Xp8L2mneeQcdJRW59MSDSVX6yyfT2vHnR8TbsO0nSsE2rg8bihDm4SGkCiwMPfSLYfZcDDXbBgRLvgg37PZbmXtIlhL0TEgTv7RWLuZWTO3IYNvqqVW8IiU0DhMvfE7vxAMijd0-vD3r567o7oz7m9rVWBOSwksD1Q","d":"rAHuO7EFeXwNYtcrxNHoDRDplXOCfcrs42Xjl01AIZXVRgM5Is_u_W9kUV38ElzHsxCzKFSdaNMLCwSLW8tEijjePBq12Koez4hiGbv7zJd5uBT446Umg4lWvoAzVH_nhyi0F3Qxxsm4SZHlQaQcjXrtyT8xg-zORjmjTnDKTSopaXEv0rs3UG5f1u4dGGYNZLvoW971-ltlURimuNZ30namd-HyS1wTVVLWYqNCXULZbopuL_vCiCABP9d5hjhzhkt4-PHnz2bAGd1VElpogFmt6pYztdQKwJ6S65aJJdpDG-N4z-dXzfUG_kHzZEpmT0TQNKQxP7UHzELEwwi1wQ","p":"8HkAy0_m2X2eUKK7j-K3btm77TX_Jmezz61qaQcGu-FtFZfhrFZmY_dJo3UO5Tz87isOfNm34pxf4-0No-6i2r59RO4GAPd28BplIsZVW-wswotEKBmF43KGiqzmgTBMeNME3HwOGxNS9MTsg3uzshHTliqXPPyjSPX_SY7-1d0","q":"yZrqF2d2qS7ATnl2tUr57UucoIbmYkBjTZRTcRDhIQXKmwUzLKj2gw9fWOeYNwS9O-hwmjXOtPOlNLbP0pHG6W4gDAhLFfIts-dM-PqKbrQZh98aLy5kcVF7v0vToT8oUJ38RGGpgEe7VKPWxje7rkOG4M81bdJpHqRz8eyLslk","dp":"4ebqZhSTqvElTl7xkEPNSmdk8XxuSyfUdV5VvoCJROqKTWS27ezklzhxhwqqiZN3kE4GeCcXZdy9ACNrUvsVJiUZDS4FmdbfdsN1CuwCuC3wBnpJ9tmzO24VEiVHDUnQLRkfUfmATtMidSqhfQsyTjAM8t7j4Lj8s8fUoMeigkk","dq":"ILDZErB5QlfNYSw6_ozI2ByxqioVw4rTT2ok2am2B8fLobWHJc_EIV5lxKHRQeKn2MYJNEhTW25CtLiMHIX87i8oTSsvGcDqfkicZ6cguXDEzw5zTYFFUka3PT7Lc1Mtc10a4e_AL4fyLXhfxEaXTVuvzFZtQIClAQ4DqxADWwk","qi":"4EtYtsqWWeWX83_4D1G_eNMa8nZ5zRtlO_A8DBhF1GdzXZ_LR1fvQxn8RII9bQLKqI2yx55R8ffu06S_V8trldYt0eUa6-9gSDSgMMEWXR0MkG4H5oMkMrqFVUbCpmZjZM0t_I5wJxweVdDRtEQt5FZnMGXNLCF4PxzEBUAu_KI"}
Ruby JWT needs to be signed with:

jose newkey -s 256 -t oct -a HS512
Which results in that one:

{"kty":"oct","kid":"NVEMecDZaPfRsv5Lg-NSk1YPORZo2-jw01_OaX8JJKI","alg":"HS512","k":"6CfE03LdzuKXB70UDAJjVlXss6iSP2NgKcJyrzZKNm8"}

What I also do not understand how I can provide these keys in an env variable.

Thank you in advance

Contributing 🙌🏽

No, I am afraid I cannot help regarding this

The text was updated successfully, but these errors were encountered:

balazsorban44 · 2022-09-26T19:38:35Z

See https://next-auth.js.org/configuration/options#override-jwt-encode-and-decode-methods

exocode added the question Ask how to do something or how something works label Sep 26, 2022

balazsorban44 closed this as completed Sep 26, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

How to use when backend only accepts rsa keys? #5429

How to use when backend only accepts rsa keys? #5429

exocode commented Sep 26, 2022

balazsorban44 commented Sep 26, 2022

How to use when backend only accepts rsa keys? #5429

How to use when backend only accepts rsa keys? #5429

Comments

exocode commented Sep 26, 2022

Question 💬

How to reproduce ☕️

Contributing 🙌🏽

balazsorban44 commented Sep 26, 2022